Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search
Register Login
sloganpng
flash

Semischolastica.js

Status: finished
Submission Time: 2023-05-26 11:23:19 +02:00
Malicious
Evader

Comments

Tags

  • js

Details

  • Analysis ID:
    876155
  • API (Web) ID:
    1243148
  • Analysis Started:
    2023-05-26 11:25:36 +02:00
  • Analysis Finished:
    2023-05-26 11:34:14 +02:00
  • MD5:
    476fad0a9b9f0b665b416beb78b55cff
  • SHA1:
    c5631292a9e8c5887e3674c819cd3ee4aab786dd
  • SHA256:
    aa18039b1459c1054b2ead589186d0c3e1e02cdfebf5f4642e1b5cc13af8c104
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211

malicious
92/100

malicious
18/59

malicious
5/36

malicious

URLs

Name Detection
http://nuget.org/NuGet.exe
https://github.com/imaya/zlib.js
http://pesterbdd.com/images/Pester.png
Click to see the 8 hidden entries
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
http://www.apache.org/licenses/LICENSE-2.0.html
https://go.micro
https://github.com/Pester/Pester
https://contoso.com/
https://nuget.org/nuget.exe
https://contoso.com/License
https://contoso.com/Icon

Dropped files

Name File Type Hashes Detection
C:\ProgramData\WeigelasScribbleable.js
 ASCII text, with very long lines (47992), with CRLF line terminators
 #
C:\ProgramData\WeigelasScribbleable.js:Zone.Identifier
 ASCII text, with CRLF line terminators
 #
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
 data
 #
Click to see the 3 hidden entries
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
 data
 #
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eg3rnj2e.acv.psm1
 very short file (no magic)
 #
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lsaixmmc.yur.ps1
 very short file (no magic)
 #